7 Things to Keep in Mind about Website Security in WordPress
While no email account or blog can ever be 100% secure, it makes sense to prevent what you can by preparing for the worst. How secure is your WordPress website? Staff has measures in place to protect against password guessing or “brute force” attacks, but what are your habits? It’s critical to recognize that most hack attacks succeed only because the blogger in question did not prioritize security.
To add another layer of security, WordPress has implemented two-step authentication: a second step in the login process that no one but you can access.
Hacking into computer systems with malicious intent is not a new thing for web developers. Hack attacks have increased since post by email and post by voice were implemented. Those who have experienced an email account hack attack or a blog hack attack know how aggravating it can be to deal with the aftermath. One hack attack can destroy all the work you have done, and the time it takes to repair the blog, the damage, and your blog’s reputation will be costly too.
Sometimes hacking is immediately obvious and sometimes it’s not. A theme change, a post you did not publish, or a scrambled or empty blog is easily spotted. But if you don’t maintain and track your links, other changes may not be spotted immediately: links to illegal sites embedded in your images, links changed to direct visitors to malware sites instead of the sites you linked to, or even comments that appear to have been made by you but weren’t.
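One way to track the links in your posts, as an added example that is not part of the original article: the Python sketch below compares two WordPress export (WXR) files, an older backup copy and a fresh one, and reports posts whose link or image URLs changed. The function names and the sample export text are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

# Tag that holds each post body in a WordPress export (WXR) file.
BODY = "{http://purl.org/rss/1.0/modules/content/}encoded"

class LinkCollector(HTMLParser):
    """Collect absolute href/src URLs, so links wrapped around images are included."""
    def __init__(self):
        super().__init__()
        self.urls = set()

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in ("href", "src") and value and value.startswith(("http://", "https://")):
                self.urls.add(value)

def links_by_post(wxr_text):
    """Return {post title: set of URLs}; posts sharing a title are merged."""
    posts = {}
    for item in ET.fromstring(wxr_text).iter("item"):
        collector = LinkCollector()
        collector.feed(item.findtext(BODY) or "")
        posts.setdefault(item.findtext("title") or "(untitled)", set()).update(collector.urls)
    return posts

def changed_links(old_wxr, new_wxr):
    """Report posts whose URLs differ between an older export and a newer one.
    A post missing from the older export shows up with all its links as added."""
    old, new = links_by_post(old_wxr), links_by_post(new_wxr)
    report = {}
    for title, urls in new.items():
        before = old.get(title, set())
        if urls != before:
            report[title] = {"added": sorted(urls - before), "removed": sorted(before - urls)}
    return report

# Constructed sample exports (hypothetical post and URLs), trimmed to the tags used above.
WXR = ('<rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/">'
       "<channel><item><title>Hello</title>"
       "<content:encoded><![CDATA[{body}]]></content:encoded></item></channel></rss>")
OLD_EXPORT = WXR.format(body='<a href="https://example.org/guide"><img src="https://example.org/pic.png"></a>')
NEW_EXPORT = WXR.format(body='<a href="https://changed.example.net/x"><img src="https://example.org/pic.png"></a>')

if __name__ == "__main__":
    for title, diff in changed_links(OLD_EXPORT, NEW_EXPORT).items():
        print(title, diff)
```

Any URL listed under "added" that you did not put there yourself is worth checking before you restore or republish the post.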
Prepare for hack attacks:
Computer security software
Make sure your computer security software, including security patches and firewalls, is up to date. Configure software for automatic updates and be sure it’s always functioning. For laptops, be sure to use encryption software. You can protect your home or work network by ensuring you have a strong password set up.
Moreover, if you are starting a blog in India, you should be more careful about WordPress security. In our country, people don’t take website security seriously, and sometimes this becomes the reason they lose their website data.
Create unique user accounts for everyone so each person has to provide his or her username and password before accessing the network. Secure your wireless home network: set up a network security key, change the advanced settings to limit access, and turn on firewall protection. Use a router to connect your network to the internet, and change the default SSID immediately when configuring wireless security on your network.
Admin access limitations
Be the only Admin on your blog. Have more than one Admin account yourself, and be sure the usernames and passwords for your accounts are unique. Restrict users to the minimal level of access required by assigning appropriate roles.
Backup your content
There are several means available that you can use to back up your WordPress.com blog content.
The Safe Option – Use an Offline Blog Editor
Use an editor such as Google Docs or MS Word, and the paste workaround:
Highlight all of the post (Control A on Windows), copy it to the clipboard (Control C) and, while everything is still highlighted, click “Publish”.
Even if you lose the post, you’ll still have it on the clipboard and it’s the work of a moment to do another.
Subscribe to Your Blog’s RSS Feeds
Periodically Export Backup Copies
Subscribe to your RSS Feed and Back-up using Feedburner and Gmail
Use Reliable WordPress Hosting
Most of the time, beginners try to save money on hosting plans. Looking for cheap hosting, people buy from companies that do not provide complete security to their users. For instance, there are many hosting companies that provide hosting for less than a dollar, or sometimes for free. However, these companies do not use the highest level of secure servers. As a result, hackers can access your site easily.
Therefore, you should not compromise on hosting packages for the sake of a 3-4 dollar difference. You can always choose affordable plans from branded hosting companies such as SiteGround, GoDaddy, Bluehost or HostGator.
These big brands will never fail you with a security breach. You can always stay calm about your hosting security.
Use Strong passwords
A strong password containing both numbers and letters is one of the first lines of defense against hacker attacks. Make sure your password cannot be associated with you in any way, e.g., it doesn’t contain your name, address, or date of birth. Use a password manager, review your email accounts and blog accounts, set strong passwords and use a unique strong password for every account. Do not share your passwords or PINs with others. Never use the same password on multiple accounts. If you use the same password in multiple places, your account can be easily compromised.
“Add a phony email address to your list of contacts [in your email account]: firstname.lastname@example.org. This email address will probably become the first contact in your address book, so it will be the first receiver of a spam email from anyone. You would get a mail failure notice just after a second that the email wasn’t delivered. This is also an easy way of checking to see whether changing your password on your email account was effective.” –What Will You Do If Your Email Will Be Hacked
Avoid logging into important accounts and providing personal information and details over an unsecured Wi-Fi network. The state of security for most home Wi-Fi networks was nearly non-existent only a few years ago. Today, wireless network “hotspots” in public areas like internet cafes, restaurants, airports and hotels reduce their security settings so it is easier for individuals to access and use these wireless networks. Hackers increasingly target those open Wi-Fi network connections to steal data.
Secure Log-in and Log-out
Use SSL encryption at blog login or administration pages.
Always “log out” to terminate your access to your accounts.
“If you are not logging out of every account each time you use it, you are putting yourself at risk, gambling your online reputation, money, and more. This is because leaving yourself logged in to a social network, bank account, or anything that requires a username/password leaves your account vulnerable to infiltration by hackers. Basically, not logging out is the equivalent of leaving your car unlocked or your wallet unattended in public.” — Why You Should Always Log Out of Your Accounts
If you do use another computer, delete your “Temporary Internet Files” or “Cache” and clear your “History” after you log out of your account.
Do you know how to react to a hack attack?
- Go to your WP Dashboard > Users > All Users and delete any user that does not relate to you.
- Disable post by email.
- Disable post by voice.
- Go to your email program and change the password to a very strong one.
- Change your blog account password to a very strong one.
The email address you register your username account with is your unique identifier at WordPress.com. You have two separate email address settings:
Blog notifications for the administrator, such as comment approval, Likes, new subscribers, etc., are sent to the email address at Settings -> General in the Dashboard.
Personal notifications, such as comments on your articles, subscriber alerts, and upgrade renewals, are sent to the email address at WP Dashboard > Users > Personal Settings.
Keep your blog and email accounts safe and back up your content, so you don’t log in one day to find your blog is publishing content laden with viruses, malware, or obscene material, or that your original content has been turned into word salad or deleted.
I hope, guys, these security hacks will help you stay out of any malicious activity on your blog. If you find this post helpful, feel free to share it on Facebook and Twitter. You can also subscribe to us for the latest updates and news.